How hackers are exploiting COVID-19

Share this post:

Remote working coupled with uncertainty around coronavirus gives hackers leverage into critical data.

While COVID-19 has been a cause for pause for much of the world, for sophisticated cybercriminals it has been a catalysing force.

The Morrison government’s $1.34b investment in bolstering the country’s cybersecurity defences should be taken as a wake-up call to corporate Australia, according to industry experts.

While COVID-19 has been a cause for pause for much of the world, for sophisticated cybercriminals it has been a catalysing force.

According to IBM’s X-Force, COVID-19-related spam emails have exploded — growing 14,000 per cent in two weeks in March alone.

Hackers have been using the health and economic turmoil to exploit both individuals personally — using phishing and other methods to trick users into revealing their financial data — or take advantage of the work-from-home phenomenon caused by office shutdowns.

Chris Hockings, Chief Technology Officer for IBM Security across Australia and New Zealand, says the rate of attack has soared during COVID, with incidents that IBM’s cybersecurity team responded to up by 75 per cent in the US, 125 per cent in Europe and 40 per cent in Asia Pacific in the first half of the year.

With remote working likely to be the norm for many businesses until a vaccine is found, the corporate firewall is no longer an effective defence.

“People are now in networks outside of corporate boundaries and organisations need to make new routes through to corporate IT,” Hockings says.

“Some of these vulnerable interfaces are then open for attackers to exploit. People in these networks are a little bit more vulnerable in terms of state of mind. So if you fill the system with spam, you’re going to get a percentage of people clicking on links that are bad and infecting their own computers and therefore being a launch pad for attackers to then infiltrate company networks.”

Speaking on The Australian’s Forward Slash Podcast, Nick Savvides, senior director of strategic business at cybersecurity firm Forcepoint, says that global news events such as COVID are perfect fodder for manipulation.

“Cybercriminals are actively trying to capitalise on the confusion that reigns in this situation,” Savvides says.

“People were getting the $750 bonus, JobKeeper and JobSeeker subsidies. Humans are reading (about it) on Facebook and Twitter, and hear snippets on the radio. It provides a great opportunity for a cyber criminal to say, ‘hey, you’re eligible for that one-off bonus the government is paying. Click here to get it’. And there’s just enough seed in someone’s mind to click on that link, fill out that form, hand over my details and then discover that I’ve been cleared out.”

Recognition from the federal government that significant investment must be made into cyber defence couldn’t have been more timely, with a recent survey showing that many firms are still not adequately prepared for cyber attacks.

A global study by the Ponemon Institute, sponsored by IBM, found that while organisations surveyed have slowly improved in their ability to plan for, detect and respond to cyberattacks during the past five years, their ability to contain an attack has declined by 13 per cent during this same period. The fifth annual Cyber Resilient Organization Report, which surveyed 3400 IT professionals from corporations across the US, India, Germany, United Kingdom, Brazil, Japan, Australia, France, Canada, ASEAN, and the Middle East, discovered that three-quarters of organisations are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all.

Australia fared better than many of the countries on the list, with 46 per cent of firms saying they had improved their cyber resilience since the previous survey but, worryingly, less than a quarter of respondents said they had a Cybersecurity Incident Response Plan (CSIRP) that was applied consistently across the business.

40 per cent of respondents said they only had an informal or ad hoc CSIRP or none at all.

Formulating a consistent cybersecurity response plan will be critical as the rate and severity of attacks was already increasing before COVID became a factor. According to the Ponemon survey, 71 per cent of Australian respondents reported they had seen an increase in the volume of attacks, with 64 per cent saying that attacks had become more severe. The biggest fear of respondents was leakage of high value information (61 per cent) and data centre downtime (44 per cent).

With such critical business functions at risk, and the near impossibility of ensuring good cyber hygiene across so many remote workers, firms are turning to technological solutions. IBM  advocates for predictive threat intelligence to get ahead of the problem.

“We really do need to get to a point where we get ahead of the threat and take the decision out of the hands of the end user and try to protect them beyond their compute environment,” Hockings says.

Woman looking at her computer screen

“IBM has been doing a lot of work in understanding what the global threat looks like in terms of current attacks. Who’s being affected? What industry? And then helping our clients remove those vulnerabilities and threats before they become a problem inside of their computers.”

It is a program that has worked particularly well in the financial industry, where phishing attacks aimed at scamming users out of their banking details were being targeted at multiple banks in multiple geographies.

“Let’s say we’ve got 100 banks, subscribed to a particular service and the attacker decides to go after one bank first,” Hockings says.

“We are able to detect that particular problem happening at that first bank and then remediate that issue and pass it on to the other 99. So it’s about getting ahead of the threat and protecting the ecosystem at a global scale before the attacker gets the opportunity to infiltrate those other 99 banks.”

Filtering out those threats in advance is a strategic pillar of the government’s recent announcement to create 500 news jobs on the cybersecurity front lines. According to Tom Uren, a senior analyst at Australian Strategic Policy Institute’s Cyber Policy Centre, it’s a recognition by the government of the need to protect the country’s economic prosperity.

“If you have a commercial advantage that degrades over time, suddenly your company is not viable anymore because of overseas competition. It cuts away at the prosperity of Australia by changing the balance of commercial agreements for trade. And it’s insidious in the sense that one event, one loss of data just chips away gradually. So that over time, we’re in a much worse place than we would have been otherwise.”

“The people who assign resources in larger companies and across the economy need to really understand that cybersecurity is a thing they need to invest money in, and that it actually underpins our prosperity in the longer term,” Uren says.

Originally published in The Australian
More Security stories

How IBM is helping to skill South Australian students for the jobs of the future

By Jade Moffat Herman, Corporate Social Responsibility Lead, IBM A/NZ After almost seven years at IBM Australia and New Zealand, you don’t need to tell me how rewarding a career in technology can be. In my role as Corporate Social Responsibility Lead, I am honoured to work closely with leading public sector, not-for-profit and educational […]

Continue reading

Four Australian teams lead the 2021 Call for Code to help combat climate change

By Alison Haire, Lead Developer Advocate, Hybrid Cloud Build Team Solving global challenges like climate change may seem never-ending, but we can draw inspiration and hope from communities that are making a difference. The open-source movement is one such community, involving hundreds of thousands of individuals and organisations around the world. Together, they have created […]

Continue reading

How to avoid data breaches while accelerating your digital transformation

Author: Chris Hockings, Chief Technology Officer (Cyber Security), IBM Australia and New Zealand  As the pandemic accelerated your need for digital transformation, you needed to act. And fast. And you were not alone. But new findings from the recent IBM-Ponemon Institute Cost of a Data Breach Report 2021 suggest that an organisation’s pace of change […]

Continue reading